Signature Detail

HTTP: Mozilla JavaScript Clipboard Access

This signature detects attempts to exploit a known vulnerability against Mozilla client's clipboard. All Mozilla 1.7.2 and NetScape Navigator 7.2 and prior versions are vulnerable. Attackers can download malicious JavaScript code to manipulate the clipboard contents and cause a denial-of-service condition or execute arbitrary code.

Extended Description

Mozilla is reportedly affected by multiple heap based buffer overflow vulnerabilities when processing URIs in emails. These issues are due to a failure of the affected application to validate user-supplied string lengths before copying them into finite process buffers. An attacker might leverage these issues to have arbitrary code executed in the context of the user running the vulnerable application.

Affected Products

• Conectiva Linux 10.0.0
• Conectiva Linux 9.0.0
• Mozilla Browser 1.7.0
• Mozilla Browser 1.7.1
• Mozilla Browser 1.7.2
• Mozilla Thunderbird 0.7.0
• Mozilla Thunderbird 0.7.1
• Mozilla Thunderbird 0.7.2
• Mozilla Thunderbird 0.7.3
• Red Hat Advanced Workstation for the Itanium Processor 2.1.0
• Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
• Red Hat Desktop 3.0.0
• Red Hat Enterprise Linux AS 2.1
• Red Hat Enterprise Linux AS 2.1 IA64
• Red Hat Enterprise Linux AS 3
• Red Hat Enterprise Linux ES 2.1
• Red Hat Enterprise Linux ES 2.1 IA64
• Red Hat Enterprise Linux ES 3
• Red Hat Enterprise Linux WS 2.1
• Red Hat Enterprise Linux WS 2.1 IA64
• Red Hat Enterprise Linux WS 3
• Red Hat Fedora Core1
• Red Hat Linux 7.3.0
• Red Hat Linux 7.3.0 I386
• Red Hat Linux 7.3.0 I686
• Red Hat Linux 9.0.0 I386
• SuSE Linux 8.1.0
• SuSE Linux Desktop 1.0.0
• SuSE Linux Personal 8.2.0
• SuSE Linux Personal 9.0.0
• SuSE Linux Personal 9.0.0 X86 64
• SuSE Linux Personal 9.1.0
• SuSE SUSE Linux Enterprise Server 8
• SuSE SUSE Linux Enterprise Server 9

References

• BugTraq: 11170
• CVE: CVE-2004-0902
• URL: https://bugzilla.mozilla.org/show_bug.cgi?id=257523